Menu
I'm getting a javax.net.ssl.SSLException: Received fatal alert: bad_record_mac for an HTTPS connection. This doesn't happen for every request -- if I send the same request in 10 times I only get this error once or twice.
I have the following code to validate the certificate:
TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(X509Certificate[] certs, String authType) {
}
public void checkServerTrusted(X509Certificate[] certs, String authType) {
}
} };
try {
SSLContext sslContext = null;
try {
sslContext = SSLContext.getInstance("SSLv3");
} catch (NoSuchAlgorithmException e3) {
logException(Arrays.toString(e3.getStackTrace()));
}
sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
SSLSocketFactory factory = sslContext.getSocketFactory();
HttpsURLConnection.setDefaultSSLSocketFactory(factory);
} catch (KeyManagementException e) {
logException(Arrays.toString(e.getStackTrace()));
}
// Create all-trusting host name verifier
HostnameVerifier allHostsValid = new HostnameVerifier() {
public boolean verify(String hostname, SSLSession session) {
return true;
}
};
// Install the all-trusting host verifier
HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);
/*
* end of the fix
*/
I've set two system properties in my main method:
System.setProperty("jsse.enableSNIExtension", "false");
System.setProperty("https.protocols", "SSLv3");
But nothing helps.
474
According to this rubygems issue and the detailed description of the error (see below), it appears to be a bug in Oracle's JDK that is not present in OpenJDK. I recall (but cannot verify) that there was a bug in OpenSSL that also caused this error, so you may want to check the software on the other side of the connection.
You can read more details about what this error means here.
82
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
